“The vulnerability lies within Samsung’s Exynos 4 chip, and means any app could—in theory— extract data from a phone’s RAM or shoot a jet of molten malicious code directly into the kernel,” CNET UK wrote. The vulnerability was discovered by XDA Developers member alephzain while he or she was trying to discover a new root method on the Galaxy S III.

It’s unclear if any Galaxy S III or Note II owners have actually been affected by the security hole. Either way, it’s unfortunate customers are exposed to such an attack—folks will just need to be more diligent when downloading new apps.

Right now, XDA Developers haven’t been able to plug the whole while retaining 100 percent functionality. For example, on the S III, adjusting the device’s code fixes the issue, but it leads to a disabled camera. Let’s hope Samsung can come up with a fix soon.